package com.smart.auth.config;

import com.smart.auth.handler.*;
import com.smart.auth.service.impl.AuthUserDetailServiceImpl;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.annotation.Resource;

/**
 * @author zhangwei
 */
@Configuration
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
    /**
     * 认证成功的处理
     */
    @Resource
    SmartAuthenticationSuccessHandler authenticationSuccessHandler;
    /**
     * 认证失败的处理
     */
    @Resource
    SmartAuthenticationFailureHandler authenticationFailureHandler;
    /**
     * 登出失败的处理
     */
    @Resource
    SmartLogoutSuccessHandler logoutSuccessHandler;

    @Resource
    SmartAuthenticationEntryPoint authenticationEntryPoint;
    @Resource
    SmatAccessDeniedHandler accessDeniedHandler;
    @Resource
    AuthUserDetailServiceImpl authUserDetailService;
    @Resource
    JWTConfigProperties configProperties;

    @Resource
    PasswordEncoder passwordEncoder;


    /**
     * 认证
     *
     * @param auth
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 自定义认证
        auth.userDetailsService(authUserDetailService)
                // 加密器
                .passwordEncoder(passwordEncoder);
    }

    /**
     * 过滤URL地址
     *
     * @param http
     * @throws Exception
     */

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 1 配置登录
        // 登录url地址
        // 登录 用户名
        // 登录 密码
        // 登录成功的处理器
        // 登录失败的处理
        http.formLogin()
                .successHandler(authenticationSuccessHandler)
                .failureHandler(authenticationFailureHandler)
                .permitAll();

        // 2 登出配置
        http.logout().logoutSuccessHandler(logoutSuccessHandler);

        // 3 配置过滤的url
        http.authorizeRequests()
                .antMatchers(configProperties.getAntMatchers())
                .permitAll()
                // 其他请求全部都需要认证
                .anyRequest().fullyAuthenticated();
        // 4 未登录处理
        http.httpBasic().authenticationEntryPoint(authenticationEntryPoint);
//        5  无权限的处理配置
        http.exceptionHandling().accessDeniedHandler(accessDeniedHandler);
//        6. 其他   jwt  禁用session  跨域请求 前端技术  禁用请求缓存
        http.cors().disable();
        http.csrf().disable();
        //  http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        http.headers().cacheControl().disable();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return NoOpPasswordEncoder.getInstance();
    }


}
